Showing papers on "Merkle signature scheme published in 1989"

On-line/off-line digital signatures

Abstract: We introduce and exemplify the new concept of ON-LINE/OFF-LINE digital signature schemes. In these schemes the signing of a message is broken into two phases. The first phase is off -line. Though it requires a moderate amount of computation, it presents the advantage that it can be performed leisurely, before the message to be signed is even known. The second phase is on-line. It starts after the message becomes known, it utilizes the precomputation of the first phase and is much faster.A general construction which transforms any (ordinary) digital signature scheme to an on-line/off-line signature scheme is presented, entailing a small overhead. For each message to be signed, the time required for the off-line phase is essentially the same as in the underlying signature scheme; the time required for the on-line phase is essentially negligible. The time required for the verification is essentially the same as in the underlying signature scheme.In a practical implementation of our general construction, we use a variant of Rabin's signature scheme (based on factoring) and DES. In the on-line phase, all we use is a moderate amount of DES computation. This implementation is ideally suited for electronic wallets or smart cards.On-line/Off-line digital schemes may also become useful in case substantial progress is made on, say, factoring. In this case, the length of the composite numbers used in signature schemes may need to be increased and signing may become impractical even for the legitimate user. In our scheme, all costly computations are performed in the off-line stage while the time for the on-line stage remains essentially unchanged.An additional advantage of our method is that in some cases the transformed signature scheme is invulnerable to chosen message attack even if the underlying (ordinary) digital signature scheme is not. In particular, it allows us to prove that the existence of signature schemes which are unforgeable by known message attack is a (necessary and) sufficient condition for the existence of signature schemes which are unforgeable by chosen message attack.

A signature with shared verification scheme

Abstract: This paper presents a signature scheme for a single user or a group of users The shared verification of such a signature uses the principle of threshold schemes The constructions are based on a special class of finite incidence structures, so called generalised quadrangles

Two new efficient cryptosystems based on Rabin's scheme: alternatives to RSA cryptosystem

Abstract: Proposes two distinct cryptosystems based on Rabin's scheme. The first incorporates coding theory and provides encryption only. The second provides simultaneously both private encryption and digital signature for network users. In the cases where the second scheme provides only encryption or only digital signature, the scheme provides that the bit ratio between plaintext and ciphertext is 1:1, i.e. equivalent to that of the RSA scheme. >

A Fast Signature Scheme Based on Congruential

Abstract: Ah"tract -A new digital signature scheme is proposed in which the computation time is much shorter than that of the Rivest-Shamir­ Adelman (RSA) scheme, while the key length and signature length are comparable to those for the RSA scheme. Moreover, the proposed scheme can he implemented easH} and is, therefore, more prdctical for many digital signa ture applications. This new scheme is based on congruential polynomial operations whose degrees ar e more than three, The secret key consists of t "0 large prime numbers, p and q, and the pnblic key is their